Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/41fda9-9702-458d-982f-8d11257d4af6/1/I01Lo7qwhvaLI2U54ucZ10pkExs.roa
File: I01Lo7qwhvaLI2U54ucZ10pkExs.roa (raw, json)
Hash identifier: mTrGRc4f1Skt/0lHfZ3XZbVEvrQ9mBUuWZXJpIXORz4=
Subject key identifier: 23:4D:4B:A3:BA:B0:86:F6:8B:23:65:39:E2:E7:19:D7:4A:64:13:1B
Certificate issuer: /CN=386ab970bfb6947597e97cefb916ec76a0c56858
Certificate serial: 0194228D8D90C4DC70561EF9F94ADA1E6E32
Authority key identifier: 38:6A:B9:70:BF:B6:94:75:97:E9:7C:EF:B9:16:EC:76:A0:C5:68:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OGq5cL-2lHWX6XzvuRbsdqDFaFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/41fda9-9702-458d-982f-8d11257d4af6/1/I01Lo7qwhvaLI2U54ucZ10pkExs.roa
Signing time: Wed 01 Jan 2025 15:48:09 +0000
ROA not before: Wed 01 Jan 2025 15:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206725
IP address blocks: 2001:678:134::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:8d:90:c4:dc:70:56:1e:f9:f9:4a:da:1e:6e:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=386ab970bfb6947597e97cefb916ec76a0c56858
Validity
Not Before: Jan 1 15:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=234d4ba3bab086f68b236539e2e719d74a64131b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c8:0e:02:eb:89:d8:b1:48:4f:aa:a1:d6:8a:
9c:07:21:8e:2d:54:2e:f7:bb:12:f4:85:d5:9c:c4:
58:9b:60:33:37:08:74:fb:92:d6:0c:ac:60:b2:74:
38:f7:77:7d:05:ac:43:06:c7:66:bd:13:8e:09:a4:
db:78:ed:dc:a1:df:c5:cd:83:ec:cc:ad:2e:46:6c:
64:6a:c0:37:36:df:8e:f7:50:57:e9:66:af:ca:1e:
1e:ce:4d:79:7a:6a:e4:ec:57:bf:b4:4b:9d:9a:cf:
0b:ed:14:f2:b0:78:07:c7:2a:e4:78:20:13:68:5e:
20:b6:37:ce:a6:6e:bd:d1:f3:0e:d3:f7:87:78:f6:
45:1f:52:23:69:b6:74:a2:fd:38:5f:46:2b:35:8f:
64:a5:5b:9d:f6:72:d7:79:dc:22:62:79:66:33:29:
9b:01:d6:14:5b:71:5a:b9:ce:1f:d3:9c:cc:49:6a:
fd:aa:84:ce:34:a7:f9:30:0f:2c:9c:b3:b8:17:5b:
c3:e0:29:e6:de:0b:4f:1c:10:15:14:a0:2e:f3:fb:
17:e9:5f:75:ba:fe:ec:49:0b:4d:51:32:3f:1a:72:
10:5c:02:cc:f7:8a:ff:6c:d3:4b:f6:39:76:a2:ff:
a3:6f:ce:30:54:54:2c:a3:69:b2:bb:df:9d:9a:0a:
02:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:4D:4B:A3:BA:B0:86:F6:8B:23:65:39:E2:E7:19:D7:4A:64:13:1B
X509v3 Authority Key Identifier:
keyid:38:6A:B9:70:BF:B6:94:75:97:E9:7C:EF:B9:16:EC:76:A0:C5:68:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGq5cL-2lHWX6XzvuRbsdqDFaFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/41fda9-9702-458d-982f-8d11257d4af6/1/I01Lo7qwhvaLI2U54ucZ10pkExs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/41fda9-9702-458d-982f-8d11257d4af6/1/OGq5cL-2lHWX6XzvuRbsdqDFaFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:134::/48
Signature Algorithm: sha256WithRSAEncryption
25:b0:5b:42:a3:f8:5c:75:bf:50:5b:af:3b:42:6c:66:d5:e4:
34:02:88:b6:91:89:28:71:67:fc:77:9f:44:d8:0d:04:45:c4:
94:56:6f:12:33:a2:7f:e2:ec:ad:0b:1a:d0:79:12:fe:a2:1d:
c4:a4:a2:86:29:d5:fc:46:ba:5d:03:6a:12:13:77:95:0e:e9:
09:c0:e2:e6:ee:3d:c8:8c:12:b3:ac:f5:1e:a5:04:29:22:af:
1d:3c:5b:9a:4d:99:3c:c9:ca:d1:3b:89:a2:77:6e:8e:c8:37:
53:02:2f:5f:28:ae:b9:6a:a0:3e:6a:0e:19:47:3d:85:ca:e5:
78:2a:f1:d4:b0:e4:b2:a0:a5:09:0b:23:6c:9e:dd:91:51:da:
cf:2f:07:b7:57:45:fd:21:cb:67:7c:81:f9:3e:76:40:ae:b4:
48:0a:0c:9e:40:d1:30:53:7d:8d:d0:a3:ff:5a:07:71:11:70:
56:6e:3f:78:49:27:d2:14:be:d0:81:8e:f9:ff:bd:be:d5:75:
25:6f:7b:a1:ae:9c:7a:1c:99:a1:29:70:4d:a7:a9:79:ea:6e:
43:bd:63:30:af:63:08:54:16:c3:0e:ee:fb:53:83:6a:6c:df:
cf:ca:d1:04:45:81:c4:ba:c6:6d:fd:72:cc:d5:f4:59:6e:92:
77:e6:4a:54
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQijY2QxNxwVh75+UraHm4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NmFiOTcwYmZiNjk0NzU5N2U5N2NlZmI5MTZlYzc2YTBj
NTY4NTgwHhcNMjUwMTAxMTU0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzRkNGJhM2JhYjA4NmY2OGIyMzY1MzllMmU3MTlkNzRhNjQxMzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMgOAuuJ2LFIT6qh1oqcByGOLVQu
97sS9IXVnMRYm2AzNwh0+5LWDKxgsnQ493d9BaxDBsdmvROOCaTbeO3cod/FzYPs
zK0uRmxkasA3Nt+O91BX6Wavyh4ezk15emrk7Fe/tEudms8L7RTysHgHxyrkeCAT
aF4gtjfOpm690fMO0/eHePZFH1IjabZ0ov04X0YrNY9kpVud9nLXedwiYnlmMymb
AdYUW3Fauc4f05zMSWr9qoTONKf5MA8snLO4F1vD4Cnm3gtPHBAVFKAu8/sX6V91
uv7sSQtNUTI/GnIQXALM94r/bNNL9jl2ov+jb84wVFQso2myu9+dmgoCxQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCNNS6O6sIb2iyNlOeLnGddKZBMbMB8GA1UdIwQY
MBaAFDhquXC/tpR1l+l877kW7HagxWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0dxNWNMLTJsSFdYNlh6dnVSYnNkcURGYUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC80MWZkYTktOTcwMi00NThkLTk4MmYt
OGQxMTI1N2Q0YWY2LzEvSTAxTG83cXdodmFMSTJVNTR1Y1oxMHBrRXhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC80MWZkYTktOTcwMi00NThkLTk4MmYtOGQxMTI1N2Q0YWY2
LzEvT0dxNWNMLTJsSFdYNlh6dnVSYnNkcURGYUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAE0
MA0GCSqGSIb3DQEBCwUAA4IBAQAlsFtCo/hcdb9QW687Qmxm1eQ0Aoi2kYkocWf8
d59E2A0ERcSUVm8SM6J/4uytCxrQeRL+oh3EpKKGKdX8RrpdA2oSE3eVDukJwOLm
7j3IjBKzrPUepQQpIq8dPFuaTZk8ycrRO4mid26OyDdTAi9fKK65aqA+ag4ZRz2F
yuV4KvHUsOSyoKUJCyNsnt2RUdrPLwe3V0X9IctnfIH5PnZArrRICgyeQNEwU32N
0KP/WgdxEXBWbj94SSfSFL7QgY75/72+1XUlb3uhrpx6HJmhKXBNp6l56m5DvWMw
r2MIVBbDDu77U4NqbN/PytEERYHEusZt/XLM1fRZbpJ35kpU
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:40 2025 by rpki-client